[edk2-devel] [PATCH v1 10/14] ArmVirtPkg: : Disables NIST algorithms NetworkPkg

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Doug Flick via groups.io" <dougflick=microsoft.com@groups.io>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Gerd Hoffmann <kraxel@redhat.com>
Subject: [edk2-devel] [PATCH v1 10/14] ArmVirtPkg: : Disables NIST algorithms NetworkPkg
Date: Wed,  8 May 2024 08:29:21 -0700	[thread overview]
Message-ID: <20240508152925.741226-11-doug.edk2@gmail.com> (raw)
In-Reply-To: <20240508152925.741226-1-doug.edk2@gmail.com>

The NetworkPkg attempts to use the NIST Algorithms
as defined in the EDK2 specification. If not
available (or if so desired) the platform may
choose to use "Default" and use what is provided by
the platform.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
---
 ArmVirtPkg/ArmVirt.dsc.inc | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 2bc6a29eb131..00e6b5b5d582 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -382,6 +382,13 @@ [PcdsFixedAtBuild.common]
 
   gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE
 
+  #
+  # Platforms may not support the EDK2 Standard NIST Algorithms
+  # This Pcd allows for platform to override the attempt to use the NIST Algorithms
+  # and falls back to default such that the platform can own the Rng Algorithm
+  #
+  gEfiNetworkPkgTokenSpaceGuid.PcdEnforceSecureRngAlgorithms|FALSE
+
 [Components.common]
   #
   # Ramdisk support
-- 
2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118683): https://edk2.groups.io/g/devel/message/118683
Mute This Topic: https://groups.io/mt/105983249/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

next prev parent reply	other threads:[~2024-05-08 15:29 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-08 15:29 [edk2-devel] [PATCH v1 00/14] NetworkPkg: CVE-2023-45236 and CVE-2023-45237 Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 01/14] EmulatorPkg: : Add RngDxe to EmulatorPkg Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 02/14] EmulatorPkg: : Add Hash2DxeCrypto " Doug Flick via groups.io
2024-05-10  3:10   ` Ni, Ray
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 03/14] OvmfPkg:PlatformCI: Support virtio-rng-pci Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 04/14] OvmfPkg: : Add Hash2DxeCrypto to OvmfPkg Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 05/14] ArmVirtPkg:PlatformCI: Support virtio-rng-pci Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 06/14] ArmVirtPkg: : Add Hash2DxeCrypto to ArmVirtPkg Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237 Doug Flick via groups.io
2024-05-08 16:20   ` Ard Biesheuvel
2024-05-08 16:47     ` Doug Flick via groups.io
2024-05-08 16:58       ` Ard Biesheuvel
2024-05-08 18:05         ` Doug Flick via groups.io
2024-05-08 20:40           ` Doug Flick via groups.io
2024-05-08 21:19             ` Ard Biesheuvel
2024-05-08 22:52               ` Michael Brown
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 08/14] NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236 Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 09/14] OvmfPkg: Disable NIST Algorithms NetworkPkg Doug Flick via groups.io
2024-05-08 15:29 ` Doug Flick via groups.io [this message]
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 11/14] MdePkg: : Add MockUefiBootServicesTableLib Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 12/14] MdePkg: : Adds Protocol for MockRng Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 13/14] MdePkg: Add MockHash2 Protocol for testing Doug Flick via groups.io
2024-05-08 15:29 ` [edk2-devel] [PATCH v1 14/14] NetworkPkg: Update the PxeBcDhcp6GoogleTest due to underlying changes Doug Flick via groups.io

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:2bc6a29eb13 dfblob:00e6b5b5d58 )
 OR (
bs:"[edk2-devel] [PATCH v1 10/14] ArmVirtPkg: : Disables NIST algorithms NetworkPkg" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240508152925.741226-11-doug.edk2@gmail.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox